“Prediction is very difficult,” the Nobel Prize-winning physicist Niels Bohr once said, “especially about the future.”
Security depends on the ability to make reliable predictions using what we know about the past to model the future.
There are some predictions that you can make pretty reliably. People are going to get drunk on New Year’s Eve. There will probably be a line for Star Wars. Your next phone will be faster than your last one.
And based on the past, there’s one prediction for 2016 that our Chief Research Officer Mikko Hyppönen feels confident enough to make with 100 percent confidence.
“The Olympics in Rio will be targeted,” he told us. “This is not a possibility; it’s a certainty. It’s going to happen.”
How does he know this for sure?
“Network systems of all Olympic Games have been targeted since the 1994 winter olympics in Lillehammer.”
What will the attacks look like? That’s where the uncertainty comes in.
“Some of the attackers will be interested in just disrupting the games with DDoS and defacements and so,” he said. “Some of them want to make money with fake ticket shops and credit card phishing.”
The advice our Sean Sullivan gave in 2012 as the London Olympics were approaching still holds: “…be wary of Olympic (and any other current event) themed e-mails.”
Could there be a larger attack on actual infrastructure given that we know that’s a goal of groups like ISIS?
“Islamic State is the first extremist group with a credible cyber offensive capability,” Mikko said. “None of the terrorist groups before have had such specialists in their ranks. Nevertheless, they aren’t yet at the level to do cyber terror attacks. They mostly use the net to organize themselves: to communicate, to spread propaganda and to recruit.”
While they’d like to take down power grids, so far the exploits have been mostly limited to stealing Twitter passwords.